Initially, people voluntarily handed over their personal information and friends data — they thought they were participating in a survey conducted by a Russian-American academic. What they unwittingly did was give their data to Cambridge Analytica.

But that’s the point — people give away alot of very personal information to Facebook. Then they just as quickly give it away to third parties without really knowing what in heaven’s name they’re doing with the information.

Here are the three basic ways we’re handing over very personal information — our birthday, our “likes,” our preferences, who we’re friends with online — and how quickly it can be taken from us.

1. The simple act ofsigning upfor Facebook

It’s that simple. Some people think Facebook doesn’t have all that much information on them because they rarely use it. You may be a lurker. How much data can Facebook really have on you?

A lot! If you’re curious about what kind of data Facebook has about you, you can follow these steps to download your personal Facebook history. In these archives you’ll find fun things you probably never thought were stored on a server somewhere about you.

The archive contains a list of IP addresses that you’ve used to logged into your Facebook account, ads that you clicked on, and cell phone numbers associated with your account.

Facebook also tracks this type of data you entered onto the platform:

A facial recognition ID that is associated with your photo and is used to identify images of you

Your maiden name

Credit card information

Your hometown

Your political views

Your addresses

Any networks you’re associated with — like colleges or companies you belonged to

2. The even simpler act of using Facebook

Facebook keeps detailed data of all your preferences and every one of your “likes” — and it leverages that information for super-precise ad targeting. By reacting to Facebook posts, it’s kind of like you’re participating in an ongoing consumer survey exclusively for Facebook.

Your activity log can give you a pretty good idea of your Facebook behavior over time. It’s a record of all your activities from today all the way back to the day you signed up for your account. Here, you’ll find every like, :haha:, :wow:, :angry:, :love:, and :sad: reaction you’ve ever made to a Facebook post; every video, song, and photo you’ve looked at, listened to, posted, and been tagged in. It also keeps every change to your profile you’ve ever made.

3. Signing in to third-party apps through Facebook

Lam Thuy Vo/ Tinder and Facebook

Here’s where it really gets hairy.

You know that convenient option of logging into a third-party app with your Facebook credentials? Once you click “continue,” you’re allowing this app — it could be Spotify, Farmville, or, say, a survey being conducted by a Russian-American academic connected to Cambridge Analytica — to access a ton of the precious personal data that Facebook has on you.

For example, if you use Tinder via Facebook, you have to hand over at least some basic information about your public profile, which includes your name, your gender, and anything else you posted publicly about yourself.

By default, the app also asks for access to a complete list of your friends, what genders you are interested in, your birthday, your work and educational history, any photo you’ve ever uploaded or are tagged in, any pages and groups you like, and your email address.

Lam Thuy Vo/ Tinder and Facebook

Unless you edit the default settings upon your first Tinder login — and you probably don’t — you automatically give the dating app all this data.

These are only a few of the data points that apps may ask for. Here’s a complete list.

Back in 2014 — when the academic linked to Cambridge Analytica, Aleksandr Kogan, used his app to collect data — Facebook users were also able to give third-party apps permission to gather not just personal information but also the information of their friends. At the time, this data included things like the check-ins, locations, and interests of a user’s friend.

“The news about Facebook and Cambridge Analytica should serve as a reminder of the inevitable privacy risks in a world where a near-endless stream of personal information is collected indefinitely stored, analyzed, and re-used by marketers, identity thieves, and professional government snoops,” Corynne McSherry, legal director of the Electronic Frontier Foundation, told BuzzFeed News through a spokesperson.